package com.cadre.common.utils.common;

import com.cadre.common.exception.RRException;
import org.apache.commons.lang3.StringUtils;

/* loaded from: SQLFilter.class */
public class SQLFilter {
    public static String sqlInject(String str) {
        if (StringUtils.isBlank(str)) {
            return null;
        }
        String str2 = StringUtils.replace(StringUtils.replace(StringUtils.replace(StringUtils.replace(str, "'", ""), "\"", ""), ";", ""), "\\", "").toLowerCase();
        for (String keyword : new String[]{"master", "truncate", "insert", "select", "delete", "update", "declare", "alter", "drop"}) {
            if (str2.indexOf(keyword) != -1) {
                throw new RRException("包含非法字符");
            }
        }
        return str2;
    }
}
